What challenges were you and your team experiencing prior to working with us – what prompted you to seek a solution? We were growing so rapidly, that we got to a size where we needed to have formalised data protection procedures and needed to firm up our policies and start implementing them within our daily operations and when dealing with larger clients.
How did you go about searching for the solution and services? We carried out a Google search and whittled our decision down to three companies.
Please describe the reasons you decided to work with us. It was really down to the balance between value and price. Evalian wasn’t the cheapest option but was reasonable based on the level of service we were seeking. We were struck by the professionalism and experience of the team from our initial scoping call with your commercial director. The sense of in-person support was a real pull and to have experts on the end of the line who were also incredibly experienced lawyers and consultants. We felt Evalian would be there to fully support us throughout the process. It’s always a fine balance as a start-up for obtaining resources, and we had no one internally focused on data protection. Also, engaging Evalian as our advisor was a more cost-effective solution than hiring an internal position.
Did you have any expectations going into the process? We had completed ISO 27001 assessments with another company, and that was very intense and hands-on, so I suppose we expected this service would be the same and quite onerous, but so far it has been a very easy process from our side with the support of Evalian consultants.
Can you describe the process we took your business through and anything you learnt about your own business through working this way? We had an initial conversation with our designated consultants, who gave us a high-level overview of the process. What was really attractive to us as we began, was that they told us that usually Evalian would perform a gap analysis, provide a comprehensive gap report and then a remediation plan, however they advised us that because, as a start-up, we didn’t have a huge amount in place, to begin with, that it would be a better fit for us to conduct the discovery phase as usual with a high-level executive summary and then go straight into remediation work. From our perspective, diving straight in made sense for us as an organisation, and we really appreciated that pragmatic approach.
Were there any challenges you found along the way and how did you feel we or your consultant, helped to support you through that? The only challenge has been from our side in trying to be as quick to respond to our consultants as they have been so attentive in responding to our queries.
What changes did you make as a result of working with us? Setting up the correct policies, although it’s still very early days. A lot of it is background work for Evalian in drafting policies, providing us with data assessment structure to share with the team and they’ll provide the structure of how to assess things. It’s been a light touch from our side, and we are super impressed with everything so far and feel it’s now easier having the extra resource (Evalian) to communicate the importance of data protection accurately to the team.
What has been the most significant achievement for your business facilitated by using our services? It’s still so early for us, so we haven’t met major milestones yet, but we definitely feel we have the confidence in Evalian providing us with expert advice were anything to arise.
What impact has the results from working with us had on your clients/stakeholders? Just having that confidence in our procedures is key, knowing we’ve got the right processes.
Learn more about our Outsourced DPO Services.